Red Hat Bugzilla – Bug 132956
mod_auth_svn information leak
Last modified: 2007-11-30 17:10:49 EST
mod_authz_svn, the Apache httpd module which does path-based
authorization on Subversion repositories, is not correctly protecting
all metadata on unreadable paths.

This metadata leakage affects the mod_authz_svn module in all released
versions of Subversion (through 1.0.7), as well as the 1.1-rc1, -rc2
and -rc3 release candidates. The leakage is fixed in the 1.0.8 and
1.1-rc4 releases, as well as the upcoming 1.1 final release.

If a Subversion commit affects paths that an administrator has marked
"unreadable" using mod_authz_svn, then
- "svn log -v" will list the existence of the unreadable paths;
- "svn log -v" will show the commit's log message, which might be
considered sensitive metadata in some situations;
- "svn propget" is also able to fetch the log message of any commit;
- "svn blame" and other commands that follow renames are able to
acknowledge the existence of earlier versions of files that exist
at unreadable locations.
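
One way to check a server for the "svn log -v" leak described above, as an added example that is not part of the original report or of Subversion: run "svn log -v --xml" as a restricted user and flag any entry that names a path the authz rules deny to that user. The authz rules, the log XML and the user names are constructed samples, and the rule lookup is a simplified assumption (no groups or repository prefixes; the nearest section naming the user or "*" decides).

```python
import xml.etree.ElementTree as ET

# Constructed authz rules in AuthzSVNAccessFile style (simplified subset).
AUTHZ = """
[/]
* = r
[/trunk/secret]
* =
alice = rw
"""

# Constructed output of `svn log -v --xml`, as seen by a restricted user.
SAMPLE_LOG = """<log>
<logentry revision="10"><author>alice</author><paths>
<path action="M">/trunk/public/readme.txt</path></paths><msg>update readme</msg></logentry>
<logentry revision="11"><author>alice</author><paths>
<path action="A">/trunk/secret/plan.txt</path>
<path action="M">/trunk/public/index.html</path></paths><msg>add plan</msg></logentry>
</log>"""

def parse_authz(text):
    """Return {section_path: {user_or_star: permission_string}}."""
    rules, section = {}, None
    for line in (raw.strip() for raw in text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].rstrip("/") or "/"
            rules[section] = {}
        elif "=" in line and section is not None and not line.startswith("#"):
            who, _, perm = line.partition("=")
            rules[section][who.strip()] = perm.strip()
    return rules

def can_read(rules, user, path):
    """Walk from path up to the root; the nearest matching rule decides."""
    path = path.rstrip("/") or "/"
    while True:
        section = rules.get(path, {})
        for who in (user, "*"):  # assumption: a user entry wins over "*"
            if who in section:
                return "r" in section[who]
        if path == "/":
            return False  # no rule anywhere: deny
        path = path.rsplit("/", 1)[0] or "/"

def find_leaks(log_xml, rules, user):
    """Return (revision, unreadable paths listed, log message shown?) per leak."""
    leaks = []
    for entry in ET.fromstring(log_xml).iter("logentry"):
        hidden = [p.text for p in entry.iter("path")
                  if not can_read(rules, user, p.text)]
        if hidden:
            shown = bool((entry.findtext("msg") or "").strip())
            leaks.append((int(entry.get("revision")), hidden, shown))
    return leaks
```

An empty result for a restricted user means no unreadable path appeared in the log output that was checked.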
Fixed in 1.0.8 update, Thu 23 Sep 2004: